|
|
8cce6c |
From cb418353998513b2d1b95fbd3dbcf205c38ec4a0 Mon Sep 17 00:00:00 2001
|
|
|
8cce6c |
From: Phil Sutter <phil@nwl.cc>
|
|
|
8cce6c |
Date: Thu, 20 Dec 2018 16:09:16 +0100
|
|
|
8cce6c |
Subject: [PATCH] tests: Extend verbose output and return code tests
|
|
|
8cce6c |
|
|
|
8cce6c |
Recent changes to chain flush and zero routines incorporate proper error
|
|
|
8cce6c |
propagation so trying to flush or zero a non-existent chain results in
|
|
|
8cce6c |
an error. This is consistent with iptables-legacy, extend tests to make
|
|
|
8cce6c |
sure it stays this way.
|
|
|
8cce6c |
|
|
|
8cce6c |
Also extend verbose output test to make these recent changes didn't mess
|
|
|
8cce6c |
it up.
|
|
|
8cce6c |
|
|
|
8cce6c |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
8cce6c |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
8cce6c |
(cherry picked from commit e80f7fe56e4c64e05da426418bc2fae7ca221c49)
|
|
|
8cce6c |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
8cce6c |
---
|
|
|
8cce6c |
.../shell/testcases/iptables/0002-verbose-output_0 | 13 +++++++++----
|
|
|
8cce6c |
.../shell/testcases/iptables/0004-return-codes_0 | 6 ++++++
|
|
|
8cce6c |
2 files changed, 15 insertions(+), 4 deletions(-)
|
|
|
8cce6c |
|
|
|
8cce6c |
diff --git a/iptables/tests/shell/testcases/iptables/0002-verbose-output_0 b/iptables/tests/shell/testcases/iptables/0002-verbose-output_0
|
|
|
8cce6c |
index 2e8059536ea7b..b1ef91f61f481 100755
|
|
|
8cce6c |
--- a/iptables/tests/shell/testcases/iptables/0002-verbose-output_0
|
|
|
8cce6c |
+++ b/iptables/tests/shell/testcases/iptables/0002-verbose-output_0
|
|
|
8cce6c |
@@ -29,23 +29,28 @@ Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
|
|
|
8cce6c |
|
|
|
8cce6c |
diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI iptables -v -n -L)
|
|
|
8cce6c |
|
|
|
8cce6c |
+[[ -z $($XT_MULTI iptables -v -N foobar) ]] || exit 1
|
|
|
8cce6c |
+
|
|
|
8cce6c |
diff -u -Z <(echo -e "$VOUT1") <($XT_MULTI iptables -v -D FORWARD $RULE1)
|
|
|
8cce6c |
diff -u -Z <(echo -e "$VOUT2") <($XT_MULTI iptables -v -D FORWARD $RULE2)
|
|
|
8cce6c |
|
|
|
8cce6c |
EXPECT="Flushing chain \`INPUT'
|
|
|
8cce6c |
Flushing chain \`FORWARD'
|
|
|
8cce6c |
-Flushing chain \`OUTPUT'"
|
|
|
8cce6c |
+Flushing chain \`OUTPUT'
|
|
|
8cce6c |
+Flushing chain \`foobar'"
|
|
|
8cce6c |
|
|
|
8cce6c |
diff -u <(echo -e "$EXPECT") <($XT_MULTI iptables -v -F)
|
|
|
8cce6c |
|
|
|
8cce6c |
EXPECT="Zeroing chain \`INPUT'
|
|
|
8cce6c |
Zeroing chain \`FORWARD'
|
|
|
8cce6c |
-Zeroing chain \`OUTPUT'"
|
|
|
8cce6c |
+Zeroing chain \`OUTPUT'
|
|
|
8cce6c |
+Zeroing chain \`foobar'"
|
|
|
8cce6c |
|
|
|
8cce6c |
diff -u <(echo -e "$EXPECT") <($XT_MULTI iptables -v -Z)
|
|
|
8cce6c |
|
|
|
8cce6c |
diff -u <(echo "Flushing chain \`OUTPUT'") <($XT_MULTI iptables -v -F OUTPUT)
|
|
|
8cce6c |
diff -u <(echo "Zeroing chain \`OUTPUT'") <($XT_MULTI iptables -v -Z OUTPUT)
|
|
|
8cce6c |
+diff -u <(echo "Flushing chain \`foobar'") <($XT_MULTI iptables -v -F foobar)
|
|
|
8cce6c |
+diff -u <(echo "Zeroing chain \`foobar'") <($XT_MULTI iptables -v -Z foobar)
|
|
|
8cce6c |
|
|
|
8cce6c |
-$XT_MULTI iptables -N foo
|
|
|
8cce6c |
-diff -u <(echo "Deleting chain \`foo'") <($XT_MULTI iptables -v -X foo)
|
|
|
8cce6c |
+diff -u <(echo "Deleting chain \`foobar'") <($XT_MULTI iptables -v -X foobar)
|
|
|
8cce6c |
diff --git a/iptables/tests/shell/testcases/iptables/0004-return-codes_0 b/iptables/tests/shell/testcases/iptables/0004-return-codes_0
|
|
|
8cce6c |
index 5b6e1f6f1bc7a..9d2493992bd69 100755
|
|
|
8cce6c |
--- a/iptables/tests/shell/testcases/iptables/0004-return-codes_0
|
|
|
8cce6c |
+++ b/iptables/tests/shell/testcases/iptables/0004-return-codes_0
|
|
|
8cce6c |
@@ -23,6 +23,12 @@ cmd 1 iptables -N foo
|
|
|
8cce6c |
# iptables-nft allows this - bug or feature?
|
|
|
8cce6c |
#cmd 2 iptables -N "invalid name"
|
|
|
8cce6c |
|
|
|
8cce6c |
+# test chain flushing/zeroing
|
|
|
8cce6c |
+cmd 0 iptables -F foo
|
|
|
8cce6c |
+cmd 0 iptables -Z foo
|
|
|
8cce6c |
+cmd 1 iptables -F bar
|
|
|
8cce6c |
+cmd 1 iptables -Z bar
|
|
|
8cce6c |
+
|
|
|
8cce6c |
# test chain rename
|
|
|
8cce6c |
cmd 0 iptables -E foo bar
|
|
|
8cce6c |
cmd 1 iptables -E foo bar
|
|
|
8cce6c |
--
|
|
|
8cce6c |
2.20.1
|
|
|
8cce6c |
|